I use it myself when I have to boot from an install floppy of Linux, from then on working on the hard drive as if I had booted from it.

A chroot jail consists of running a process after having executed chroot. The process therefore doesn't see the rest of the filesystem. It helps secure otherwise faulty daemons such as sendmail or bind, which have such a bad security track record that you'd better watch your butt as much as possible. Be warned, though, that root can always exit from a chroot jail. All it takes is chroot ../../../../... This is reported as a security defect on linux-kernel every other month. According to Alan Cox, this is the correct behaviour, and would be impossible to fix anyway. The solution is to avoid running processes as root under a chroot; POSIX capabilities make it possible. It's also a good idea to mount the filesystem on which the chroot jail resides with the nosuid option.

One annoying thing about chroot is that you can't have two directory trees chrooted. This means that if you run an anonymous FTP server, you can only have one directory tree offered inside it. Therefore, if you want to offer two filesystems on an anonymous FTP server, you have to do stupid tricks like loopback NFS mounts, or physically mount the filesystem in the chrooted anonymous FTP server tree.